Lets encrypt
This page was created by Hans.karlsen on 2020-07-31. Last edited by Edgar on 2025-01-20.
Lets encrypt issues free, shortlived SSL certs. You can set up Azure to renew them automatically:
https://www.hanselman.com/blog/SecuringAnAzureAppServiceWebsiteUnderSSLInMinutesWithLetsEncrypt.aspx
Lets encrypt:
- Add a custom domain to your App
- Add or reuse a storage account and copy the connectionstring for use in step 6 (the Lets encrypt extension stores data here)
- Azure AD , App reg: xxxxLetsEncrypt
- Remember AppId: xxxxxxxx
- Add secret - name it login yyyyyyyy
- Resource group running xxx, AccessControl, add permission, contributor, your app xxxLetsEncrypt should be a contributor
- Go to the app service in Azure portal xxx, Extensions, Azure Lets Encrypt, you must add connection strings in setting
- AzureWebJobsDashboard
- AzureWebJobsStorage, both with the same value: connection string to your storage account
- Configure extension http://YOURSITENAME.scm.azurewebsites.net/LetsEncrypt
- ...follow the guide/next - you get a box with your domain names, select one +request and install, repeat, -> you now have certs
- Go back to the app and use them on your custom domains, turn on always SSL.